All Apps and Add-ons

Splunk Add-on for Check Point OPSEC LEA: Are the errors received on splunkd due to a bug or using an older version of the add-on?

kcarroll
Explorer

We are using the Splunk Add-on for Check Point OPSEC LEA 3.1.0 version and getting lots of errors in splunkd. Trouble is that it's got something going on and is accounting for about 94% of all errors.

Error: 
message from"/users/splunk/prod/splunk/etc/apps/Splunk_TA_opseclea_linux22/bin/lea-logggrabber.sh --configentity" mode: non_audit

I know there is an updated add-on for this, but I was wondering if this is just a config issue versus a bug issue? if a simple update of the add-on would be a fix then great, just not sure. advice welcomed.

ehollima
Path Finder

do not update unless your checkpoint environment meets the requirements of the most recent release.

0 Karma
Get Updates on the Splunk Community!

How I Instrumented a Rust Application Without Knowing Rust

As a technical writer, I often have to edit or create code snippets for Splunk's distributions of ...

Splunk Community Platform Survey

Hey Splunk Community, Starting today, the community platform may prompt you to participate in a survey. The ...

Observability Highlights | November 2022 Newsletter

 November 2022Observability CloudEnd Of Support Extension for SignalFx Smart AgentSplunk is extending the End ...